Re: [Bitcoin-development] Proposal to address Bitcoin malware

public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed

From: Natanael <natanael.l@gmail•com>
To: Brian Erdelyi <brian.erdelyi@gmail•com>
Cc: bitcoin-development@lists•sourceforge.net
Subject: Re: [Bitcoin-development] Proposal to address Bitcoin malware
Date: Sun, 1 Feb 2015 00:37:51 +0100	[thread overview]
Message-ID: <CAAt2M1_3BdKQTVxsN7Hc-W=q0_NWyhBg1UAuSwxRQ8BePDa-8g@mail.gmail.com> (raw)
In-Reply-To: <1348028F-26F8-42CB-9859-C9CB751BF0C9@gmail.com>

[-- Attachment #1: Type: text/plain, Size: 1856 bytes --]

Den 1 feb 2015 00:05 skrev "Brian Erdelyi" <brian.erdelyi@gmail•com>:
>>
>> See vanitygen. Yes, 8 characters can be brute forced.
>
> Thank you for this reference.  Interesting to see that there is a tool to
generate a vanity bitcoin address.
>
> I am still researching viruses that are designed to manipulate a bitcoin
address.  I suspect they are primitive in that they use a hardcoded rogue
bitcoin address as opposed to dynamically generating one.
>
> As a start, this would help protect against malware that uses a static
rogue bitcoin address.  The next thing would be for the malware to
brute-force the legitimate bitcoin address and generate a rogue bitcoin
address that would produce the same 8 digit code.  Curious to know how long
this brute force would take?  Or perhaps, before converting to 8 digits
there is some other hashing function that is performed.
>
> Brian Erdelyi

To bruteforce 8 decimals, on average you need (10^8)/2 = 50 000 000 tries.
log(50M)/log(2) = 25.6 bits of entropy.

One try = generate a random number, use it to generate an ECDSA keypair,
SHA256 and RIPEMD160 hash the public key per Bitcoin specs, then run that
OCRA hashing code, then compare strings. Considering the ECDSA operations
is by a large margin slower than all the hash functions, consider them to
just add a small percentage in performance drop vs regular vanitygen usage.

My non-gaming laptop performed IIRC at *a few million keys per second* with
OpenCL. I've used it to search for 6 character strings in the base58
Bitcoin addresses with it in 15 minutes to half an hour or so. That's about
35 bits of entropy (rough estimate, there's some details with padding in
the base58 representation that alters it).

So 2^(35-26) ~= 1 in 500 of that time, and that's if you use a laptop
instead of a GPU rig. Seconds at worst. Milliseconds if done on a rig.

[-- Attachment #2: Type: text/html, Size: 2120 bytes --]

next prev parent reply	other threads:[~2015-01-31 23:37 UTC|newest]

Thread overview: 33+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-01-31 22:15 Brian Erdelyi
2015-01-31 22:38 ` Natanael
2015-01-31 23:04   ` Brian Erdelyi
2015-01-31 23:37     ` Natanael [this message]
2015-01-31 23:41       ` Natanael
2015-02-01 12:49         ` Brian Erdelyi
2015-02-01 13:31           ` Martin Habovštiak
2015-02-01 13:46             ` Mike Hearn
2015-02-01 13:54             ` Brian Erdelyi
2015-02-01 13:48           ` Mike Hearn
2015-02-01 14:28 ` mbde
2015-02-02 17:40   ` Brian Erdelyi
2015-02-02 17:54     ` Martin Habovštiak
2015-02-02 17:59       ` Mike Hearn
2015-02-02 18:02         ` Martin Habovštiak
2015-02-02 18:25           ` Mike Hearn
2015-02-02 18:35             ` Brian Erdelyi
2015-02-02 18:45               ` Eric Voskuil
2015-02-02 19:58                 ` Brian Erdelyi
2015-02-02 20:57                   ` Joel Joonatan Kaartinen
2015-02-02 21:03                     ` Brian Erdelyi
2015-02-02 21:09                       ` Pedro Worcel
2015-02-02 21:30                         ` devrandom
2015-02-02 21:49                           ` Brian Erdelyi
2015-02-02 21:42                         ` Brian Erdelyi
2015-02-02 21:02                   ` Pedro Worcel
2015-02-03  7:38                   ` Eric Voskuil
2015-02-02 18:10         ` Brian Erdelyi
2015-02-02 18:07       ` Brian Erdelyi
2015-02-02 18:05     ` Eric Voskuil
2015-02-02 18:53       ` Mike Hearn
2015-02-02 22:54         ` Eric Voskuil
2015-02-03  0:41           ` Eric Voskuil

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAAt2M1_3BdKQTVxsN7Hc-W=q0_NWyhBg1UAuSwxRQ8BePDa-8g@mail.gmail.com' \
    --to=natanael.l@gmail$(echo .)com \
    --cc=bitcoin-development@lists$(echo .)sourceforge.net \
    --cc=brian.erdelyi@gmail$(echo .)com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox